logo

Privacy Policy

 

Company Policy on Personal Data Protection

 

AGIVA LTD is an administrator of personal data within the meaning of the General Data Protection Regulation (Regulation (EU) 2016/679). You can contact the Administrator at the following address: city of Varna, 5 Chernorizets Hrabar Str.

 

AGIVA LTD commits itself to comply with the applicable data protection laws, including but not limited to the General Data Protection Regulation, the Personal Data Protection Act and the sub-statutory regulations issued thereon.

 

When processing all employees and contractors, AGIVA LTD respects the privacy and protects their personal data.

 

AGIVA Ltd has taken the necessary organizational and technical measures for the personal data protection.

 

AGIVA LTD processes only duly collected personal data necessary for specific, precise and legitimate purposes:

 

  • Individualisation of the data subjects upon entering into employment and civil relations with the Administrator, fulfilment of the legal and contractual obligations of the Administrator arising from its quality of employer/assignor;
  • Conclusion and fulfilment of the obligations under the contracts concluded by the Administrator related to its activity;
  • Implementation of regulatory obligations of the Administrator related to the activity exercised by it;
  • Other purposes requiring the processing of personal data by the Administrator, as in any case the Administrator shall be obliged to establish the existence of a ground for the processing within the meaning of Art. 6 of General Data Protection Regulation (Regulation (ЕU) 2016/679).

 

The personal data that AGIVA LTD collects and processes should be accurate and, if necessary, updated. Personal data are deleted or corrected when they are found to be inaccurate or inconsistent with the purposes for which they are processed.

 

AGIVA LTD stores and processes the collected personal data for a period no longer than it is necessary for the fulfilment of the purposes for which the personal data have been collected.

 

AGIVA LTD complies with the general prohibition on the processing of special categories of personal data such as data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, membership in trade unions, as well as the processing of genetic data, biometric data for the sole purpose of the identification of an individual, health data or data on the sexual life or sexual orientation of the individual. When it is necessary for achieving the processing goals of AGIVA LTD to process sensitive personal data, this will be done in strict compliance with the legal requirements.

 

The subjects whose personal data are processed by AGIVA LTD have the following rights:

 

  • Right to information about their personal data processed by AGIVA LTD
  • Right to access to their personal data processed by AGIVA LTD
  • Right to correct inaccurate personal data processed by AGIVA LTD
  • Right of personal data deletion ("right to be forgotten");
  • Right to restrict the processing of their personal data;
  • Right to portability of their personal data.

 

Rights listed above may be exercised by the data subjects as they:

 

  • Send an application in person or through an authorized person to the following e-mail address gdpr@agiva.net. The application should be signed pursuant to the Electronic Document and Electronic Signature Act.
  • Send an application in person or through an authorized person to the following address: city of Varna, 5 Chernorizets Hrabar Str. 

 

AGIVA LTD may provide personal data to third parties if and to the extent necessary:

 

  • to achieve the purposes for which the relevant categories of personal data were collected;
  • to comply with a legal obligation;
  • to protect the rights and safety of AGIVA Ltd., of our employees and contractors.

 

In the event of a violation of the data subjects rights, each of them has the right to protection which he/she may realize by:

 

  • bringing the case to the Data Protection Commission;
  • appealing actions and acts of the data controller before the relevant Administrative Court or the Supreme Administrative Court under the general rules on jurisdiction.